Application Filtering: Yes or No?

Discussion in 'LnS English Forum' started by cooLkAffe, Jun 2, 2005.

Thread Status:
Not open for further replies.
  1. cooLkAffe

    cooLkAffe Registered Member

    Joined:
    Dec 16, 2004
    Posts:
    33
    I've made this thread because I'm curious to learn a bit more about application filtering. I often get the pop-up (Authorize/Deny) and it's rare I actually need to or want to deny. As it is now - I've only denied some Windows XP files which I didn't find necessary to give access.

    Let me know if this is correct: If I disable application filtering everything will have outbound access?

    Or is it (as I hope but can't get to work) -- that when disabling application filtering, the rules already entered will be used and any further outbound access will be denied?
     
  2. halcyon

    halcyon Registered Member

    Joined:
    May 14, 2003
    Posts:
    373
    The rules already entered will ALWAYS be active, regardless of whether one has application filtering enabled or not.

    So, even when it is enabled, giving full/direct access to an app, does not enable the software to accedd net unless there is a corresponding filtering rule that opens the desired port.

    That's how I have understood it based on answers received here and my own trials.
     
  3. Thomas M

    Thomas M Registered Member

    Joined:
    Jan 12, 2003
    Posts:
    355
    A simple test on my system showed that disabling "Application Filtering" immediately allows all applications to connect (as long as internet filtering permits the address/port).

    Thomas :)
     
  4. cooLkAffe

    cooLkAffe Registered Member

    Joined:
    Dec 16, 2004
    Posts:
    33
    Yeah, that's what I thought o_O
     
  5. cooLkAffe

    cooLkAffe Registered Member

    Joined:
    Dec 16, 2004
    Posts:
    33
    So a solution might be -- if I don't want to actively use Application Filtering -- to make a rule that deny all outgoing connections and put in the end of the listo_O
     
  6. halcyon

    halcyon Registered Member

    Joined:
    May 14, 2003
    Posts:
    373
    Yes. Look at the Phantom rule set available in this forum. It does exactly that, but also sets pass-through rules for most of the common needed protocols (dhcp, dns, etc).
     
  7. cooLkAffe

    cooLkAffe Registered Member

    Joined:
    Dec 16, 2004
    Posts:
    33
    I'll try that. Thanx halcyon :)
     
  8. cooLkAffe

    cooLkAffe Registered Member

    Joined:
    Dec 16, 2004
    Posts:
    33
    And by the way... Can anyone point me in direction of his rules set -- I've searched but can only find threads about the rules set... and no links to it :(.
     
  9. halcyon

    halcyon Registered Member

    Joined:
    May 14, 2003
    Posts:
    373
  10. cooLkAffe

    cooLkAffe Registered Member

    Joined:
    Dec 16, 2004
    Posts:
    33
    Should be renamed to ZIP -- just so others know!

    - and of course Thank You :D
     
    Last edited: Jun 8, 2005
  11. cooLkAffe

    cooLkAffe Registered Member

    Joined:
    Dec 16, 2004
    Posts:
    33
    ** deleted **
     
    Last edited: Jun 11, 2005
  12. cooLkAffe

    cooLkAffe Registered Member

    Joined:
    Dec 16, 2004
    Posts:
    33
    ** deleted **
     
    Last edited: Jun 11, 2005
  13. cooLkAffe

    cooLkAffe Registered Member

    Joined:
    Dec 16, 2004
    Posts:
    33
    I talked to Frederic about this option:

    No popup for yet unknown applications - just block by default any new application that will come.

    As of right now it CAN be done and it's more a workaround than an actual option. But it works :). The devs are aware of my request so no need to ask further - for now just do this:

    In advanced options:
    1. Enable use of password
    2. Enable Lock All
    3. Either define a password or just click OK - A blank password works as well
     
  14. Are specific rules needed in the "Application Filtering" window for application filtering to apply to that particular application? For instance, if I enable filtering, but I don't list "Internet Explorer in the "Application Filtering" window, will IE still have access to the internet without warning?
    Does every app not listed in the window get internet access!

    I do get warning boxes for some apps wanting access to the net, but i'm looking for a reasonable explaination as to how it really works for "ALL" applications.

    Some applications seem to get around the firewall prompts on occasion, and no prompt to allow/disallow acess via LnS. Explorer and smss being just a few. So what I have to do is to block these for awhile to find out what they're doing.

    Has anyone had to allow explorer.exe the ability to start other programs?
    It does seem that's one of it's functions, but only recently have I had to manually allow this action through "Application Filtering"
     
  15. atze_13

    atze_13 Guest

    Maybe you have to run the registry patch found elsewhere at this forum.
    For me the app filtering runs only after installing the patch, before patching
    some or all apps connected without asking.
     
  16. cooLkAffe

    cooLkAffe Registered Member

    Joined:
    Dec 16, 2004
    Posts:
    33
Thread Status:
Not open for further replies.